A voir également:
- Ordinateur infecté
- Ordinateur lent - Guide
- Réinitialiser ordinateur - Guide
- Ordinateur ecran noir - Guide
- Pad ordinateur - Guide
- Cpu ordinateur - Guide
21 réponses
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 18:31
7 févr. 2012 à 18:31
slt
colle un rapport d'analyse avec roguekiller
colle un rapport d'analyse avec roguekiller
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 19:11
7 févr. 2012 à 19:11
Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(outil de diagnostic)
Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )
Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
Rend toi sur Cjoint : http://www.cijoint.fr/
Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "
Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
ou sinon pour transmettre ton rapport:
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(outil de diagnostic)
Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )
Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
Rend toi sur Cjoint : http://www.cijoint.fr/
Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "
Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
ou sinon pour transmettre ton rapport:
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 22:39
7 févr. 2012 à 22:39
Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
Copie/colle les lignes en gras suivantes :
----------------------------------------------------------
O42 - Logiciel: pdfforge Toolbar v4.6 - (.Spigot, Inc..) [HKLM] -- {E6098043-1183-4580-89EF-423CBF807188
M0 - MFSP: prefs.js [Kooli - 6fmb9fsc.default] http://search.imesh.net/
M2 - MFEP: prefs.js [Kooli - 6fmb9fsc.default\{f999a48b-1950-4d81-9971-79018f807b4b}] [] FreeOnlineRadioPlayerRecorder Community Toolbar v3.8.1.0 (.Conduit Ltd..)
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O4 - Global Startup: C:\Users\Kooli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk . (...) -- C:\Program Files\iMesh Applications\iMesh\iMesh.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {8DEC1463-C363-44F8-BD01-5A986A3AA24E} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} - (Web Search) - http://search.imesh.net/
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} [DefaultScope] - (Web Search) - http://www.searchnu.com/
----------------------------------------------------------
- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
ensuite tu peux passer malwarebyte et norton antivirus pour voir si ils trouvent des infections
mets à jour tes navigateurs
internet explorer en est à la version 9
et firefox la 10 ...
et dis nous comment va ton pc
Copie/colle les lignes en gras suivantes :
----------------------------------------------------------
O42 - Logiciel: pdfforge Toolbar v4.6 - (.Spigot, Inc..) [HKLM] -- {E6098043-1183-4580-89EF-423CBF807188
M0 - MFSP: prefs.js [Kooli - 6fmb9fsc.default] http://search.imesh.net/
M2 - MFEP: prefs.js [Kooli - 6fmb9fsc.default\{f999a48b-1950-4d81-9971-79018f807b4b}] [] FreeOnlineRadioPlayerRecorder Community Toolbar v3.8.1.0 (.Conduit Ltd..)
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFree.dll
O4 - Global Startup: C:\Users\Kooli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk . (...) -- C:\Program Files\iMesh Applications\iMesh\iMesh.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {8DEC1463-C363-44F8-BD01-5A986A3AA24E} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} - (Web Search) - http://search.imesh.net/
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} [DefaultScope] - (Web Search) - http://www.searchnu.com/
----------------------------------------------------------
- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
ensuite tu peux passer malwarebyte et norton antivirus pour voir si ils trouvent des infections
mets à jour tes navigateurs
internet explorer en est à la version 9
et firefox la 10 ...
et dis nous comment va ton pc
Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-2-8-2012-3-20-12 PM.txt
Run by Kooli at 2/8/2012 3:20:07 PM
Windows 7 Business Edition, 32-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Software ==========
NOT FOUND Software Key: {E6098043-1183-4580-89EF-423CBF807188
========== Registry Key ==========
DELETED Key: CLSID BHO: {f999a48b-1950-4d81-9971-79018f807b4b}
DELETED Key: SearchScopes :{8DEC1463-C363-44F8-BD01-5A986A3AA24E}
DELETED Key: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
DELETED Key: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
========== Registry Value ==========
DELETED URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b}
DELETED Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b}
========== Browser Profiles ==========
DELETED Mozilla Pref: http://search.imesh.com
========== Repertory ==========
DELETED Folder: C:\Users\Kooli\AppData\Roaming\Mozilla\Firefox\Profiles\6fmb9fsc.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
========== File ==========
DELETE on Reboot c:\program files\freeonlineradioplayerrecorder\prxtbfree.dll
DELETED File: c:\users\kooli\appdata\roaming\microsoft\internet explorer\quick launch\imesh.lnk
NOT FOUND File: c:\program files\imesh applications\imesh\imesh.exe
========== Summary ==========
4 : Registry Key
2 : Registry Value
1 : Repertory
3 : File
1 : Software
1 : Browser Profiles
End of clean in 05mn AMs
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 2/7/2012 9:32:11 PM [7710]
C:\ZHP\ZHPFix[R2].txt - 2/8/2012 3:20:07 PM [1655]
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-2-8-2012-3-20-12 PM.txt
Run by Kooli at 2/8/2012 3:20:07 PM
Windows 7 Business Edition, 32-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Software ==========
NOT FOUND Software Key: {E6098043-1183-4580-89EF-423CBF807188
========== Registry Key ==========
DELETED Key: CLSID BHO: {f999a48b-1950-4d81-9971-79018f807b4b}
DELETED Key: SearchScopes :{8DEC1463-C363-44F8-BD01-5A986A3AA24E}
DELETED Key: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
DELETED Key: SearchScopes :{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
========== Registry Value ==========
DELETED URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b}
DELETED Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b}
========== Browser Profiles ==========
DELETED Mozilla Pref: http://search.imesh.com
========== Repertory ==========
DELETED Folder: C:\Users\Kooli\AppData\Roaming\Mozilla\Firefox\Profiles\6fmb9fsc.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
========== File ==========
DELETE on Reboot c:\program files\freeonlineradioplayerrecorder\prxtbfree.dll
DELETED File: c:\users\kooli\appdata\roaming\microsoft\internet explorer\quick launch\imesh.lnk
NOT FOUND File: c:\program files\imesh applications\imesh\imesh.exe
========== Summary ==========
4 : Registry Key
2 : Registry Value
1 : Repertory
3 : File
1 : Software
1 : Browser Profiles
End of clean in 05mn AMs
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 2/7/2012 9:32:11 PM [7710]
C:\ZHP\ZHPFix[R2].txt - 2/8/2012 3:20:07 PM [1655]
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
8 févr. 2012 à 21:37
8 févr. 2012 à 21:37
désinstalle Internet Download Manager
et dis si cela marche les téléchargements
et dis si cela marche les téléchargements
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
salut,
RogueKiller V7.0.3 [06/02/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur: Kooli [Droits d'admin]
Mode: Recherche -- Date : 07/02/2012 18:52:35
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 4 ¤¤¤
[BLACKLIST DLL] HKLM\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM321HI +++++
--- User ---
[MBR] c6dd7d5125a32d587b0c7b66de397f58
[BSP] 41d24ad988734da7d4bc00322d14762c : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
2 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 30926848 | Size: 102400 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V7.0.3 [06/02/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur: Kooli [Droits d'admin]
Mode: Recherche -- Date : 07/02/2012 18:52:35
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 4 ¤¤¤
[BLACKLIST DLL] HKLM\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM321HI +++++
--- User ---
[MBR] c6dd7d5125a32d587b0c7b66de397f58
[BSP] 41d24ad988734da7d4bc00322d14762c : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
2 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 30926848 | Size: 102400 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1].txt >>
RKreport[1].txt
re,
j'ai utilisé adwCleaner,
voici le rapport de la recherche,
http://cjoint.com/data/0BhubZe7zMA.htm
j'ai utilisé adwCleaner,
voici le rapport de la recherche,
http://cjoint.com/data/0BhubZe7zMA.htm
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 20:09
7 févr. 2012 à 20:09
colle un rapport de suppression/nettoyage avec adwcleaner
puis remets un rapport zhpdiag
puis remets un rapport zhpdiag
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 20:11
7 févr. 2012 à 20:11
puis remets un rapport zhpdiag
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
Modifié par jlpjlp le 7/02/2012 à 21:05
Modifié par jlpjlp le 7/02/2012 à 21:05
Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
Copie/colle les lignes en gras suivantes :
----------------------------------------------------------
[HKLM\Software\Classes\AppID\DiscoveryHelper.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\GIFAnimator.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\iMesh.exe] =>PUP.iMesh
[HKLM\Software\Classes\AppID\IMTrProgress.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\IMWeb.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare
[HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery] =>PUP.iMesh
[HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1] =>PUP.iMesh
[HKLM\Software\Classes\escort.escrtBtn.1] =>Toolbar.Babylon
[HKLM\Software\Classes\iMesh.AudioCD] =>PUP.iMesh
[HKLM\Software\Classes\iMesh.Device] =>PUP.iMesh
[HKLM\Software\Classes\iMesh.file] =>PUP.iMesh
[HKLM\Software\Classes\iMeshIEHelper.DNSGuard] =>PUP.iMesh
[HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1] =>PUP.iMesh
[HKLM\Software\Classes\imweb.imwebcontrol] =>PUP.iMesh
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{1fc41815-fa4c-4f8b-b143-2c045c8ea2fc}] =>Toolbar.Kiwee
[HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{252c2315-cce0-4446-8da7-c00292a690ba}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Toolbar.Facemood
[HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{69d3f709-9de2-479f-980f-532d46895703}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare
[HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}] =>Toolbar.SweetIM
[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}] =>Toolbar.Facemood
[HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio
[HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}] =>PUP.BearShare
[HKLM\Software\Classes\TypeLib\{ec96f516-51b2-4b46-8451-8665f5a6ba2b}] =>Adware.BHO
[HKLM\Software\Classes\TypeLib\{f07fbd3e-2048-44a4-9065-71bf551e2672}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}] =>PUP.iMesh
[HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}] =>PUP.iMesh
[HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DataMngr] =>Adware.Bandoo
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Facemoods] =>Toolbar.Facemoods
[HKCU\Software\HotspotShield] =>Toolbar.Conduit
[HKLM\Software\HotspotShield] =>Toolbar.Conduit
[HKCU\Software\iMesh] =>PUP.iMesh
[HKLM\Software\iMesh] =>PUP.iMesh
[HKLM\Software\iMeshMediabarTB] =>PUP.iMesh
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh] =>PUP.iMesh
C:\Program Files\Hotspot Shield =>Toolbar.Conduit
C:\Program Files\iMesh Applications =>PUP.iMesh
C:\ProgramData\hssff =>Toolbar.Conduit
C:\ProgramData\iMesh =>PUP.iMesh
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>Toolbar.Conduit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh =>PUP.iMesh
C:\Users\Kooli\AppData\Local\iMesh =>PUP.iMesh
C:\Users\Kooli\AppData\LocalLow\facemoods.com =>Toolbar.Facemoods
C:\Users\Kooli\AppData\LocalLow\imeshbandmltbpi =>PUP.iMesh
C:\Users\Kooli\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar =>Toolbar.AskTBar
----------------------------------------------------------
- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
Copie/colle les lignes en gras suivantes :
----------------------------------------------------------
[HKLM\Software\Classes\AppID\DiscoveryHelper.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\GIFAnimator.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\iMesh.exe] =>PUP.iMesh
[HKLM\Software\Classes\AppID\IMTrProgress.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\IMWeb.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare
[HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery] =>PUP.iMesh
[HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1] =>PUP.iMesh
[HKLM\Software\Classes\escort.escrtBtn.1] =>Toolbar.Babylon
[HKLM\Software\Classes\iMesh.AudioCD] =>PUP.iMesh
[HKLM\Software\Classes\iMesh.Device] =>PUP.iMesh
[HKLM\Software\Classes\iMesh.file] =>PUP.iMesh
[HKLM\Software\Classes\iMeshIEHelper.DNSGuard] =>PUP.iMesh
[HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1] =>PUP.iMesh
[HKLM\Software\Classes\imweb.imwebcontrol] =>PUP.iMesh
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{1fc41815-fa4c-4f8b-b143-2c045c8ea2fc}] =>Toolbar.Kiwee
[HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{252c2315-cce0-4446-8da7-c00292a690ba}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Toolbar.Facemood
[HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{69d3f709-9de2-479f-980f-532d46895703}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare
[HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}] =>Toolbar.SweetIM
[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}] =>Toolbar.Facemood
[HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio
[HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}] =>PUP.BearShare
[HKLM\Software\Classes\TypeLib\{ec96f516-51b2-4b46-8451-8665f5a6ba2b}] =>Adware.BHO
[HKLM\Software\Classes\TypeLib\{f07fbd3e-2048-44a4-9065-71bf551e2672}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}] =>PUP.iMesh
[HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}] =>PUP.iMesh
[HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DataMngr] =>Adware.Bandoo
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Facemoods] =>Toolbar.Facemoods
[HKCU\Software\HotspotShield] =>Toolbar.Conduit
[HKLM\Software\HotspotShield] =>Toolbar.Conduit
[HKCU\Software\iMesh] =>PUP.iMesh
[HKLM\Software\iMesh] =>PUP.iMesh
[HKLM\Software\iMeshMediabarTB] =>PUP.iMesh
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh] =>PUP.iMesh
C:\Program Files\Hotspot Shield =>Toolbar.Conduit
C:\Program Files\iMesh Applications =>PUP.iMesh
C:\ProgramData\hssff =>Toolbar.Conduit
C:\ProgramData\iMesh =>PUP.iMesh
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>Toolbar.Conduit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh =>PUP.iMesh
C:\Users\Kooli\AppData\Local\iMesh =>PUP.iMesh
C:\Users\Kooli\AppData\LocalLow\facemoods.com =>Toolbar.Facemoods
C:\Users\Kooli\AppData\LocalLow\imeshbandmltbpi =>PUP.iMesh
C:\Users\Kooli\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar =>Toolbar.AskTBar
----------------------------------------------------------
- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-2-7-2012-9-32-11 PM.txt
Run by Kooli at 2/7/2012 9:32:11 PM
Windows 7 Business Edition, 32-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Registry Key ==========
DELETED Key: HKLM\Software\Classes\AppID\DiscoveryHelper.DLL
DELETED Key: HKLM\Software\Classes\AppID\GIFAnimator.DLL
DELETED Key: HKLM\Software\Classes\AppID\iMesh.exe
DELETED Key: HKLM\Software\Classes\AppID\IMTrProgress.DLL
DELETED Key: HKLM\Software\Classes\AppID\IMWeb.DLL
DELETED Key: HKLM\Software\Classes\AppID\WMHelper.DLL
DELETED Key: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
DELETED Key: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
DELETED Key: HKLM\Software\Classes\escort.escrtBtn.1
DELETED Key: HKLM\Software\Classes\iMesh.AudioCD
DELETED Key: HKLM\Software\Classes\iMesh.Device
DELETED Key: HKLM\Software\Classes\iMesh.file
DELETED Key: HKLM\Software\Classes\iMeshIEHelper.DNSGuard
DELETED Key: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1
DELETED Key: HKLM\Software\Classes\imweb.imwebcontrol
DELETED Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
DELETED Key: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
DELETED Key: HKLM\Software\Classes\AppID\{1fc41815-fa4c-4f8b-b143-2c045c8ea2fc}
DELETED Key: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
DELETED Key: HKLM\Software\Classes\TypeLib\{252c2315-cce0-4446-8da7-c00292a690ba}
DELETED Key: HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
DELETED Key: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
DELETED Key: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
DELETED Key: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
DELETED Key: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
DELETED Key: HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
DELETED Key: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
DELETED Key: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
DELETED Key: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
DELETED Key: HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
DELETED Key: HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}
DELETED Key: HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
DELETED Key: HKLM\Software\Classes\CLSID\{69d3f709-9de2-479f-980f-532d46895703}
DELETED Key: HKLM\Software\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}
DELETED Key: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
DELETED Key: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
DELETED Key: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
DELETED Key: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
DELETED Key: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
DELETED Key: HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
DELETED Key: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
DELETED Key: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
DELETED Key: HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
DELETED Key: HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
DELETED Key: HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
DELETED Key: HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
DELETED Key: HKLM\Software\Classes\TypeLib\{ec96f516-51b2-4b46-8451-8665f5a6ba2b}
DELETED Key: HKLM\Software\Classes\TypeLib\{f07fbd3e-2048-44a4-9065-71bf551e2672}
DELETED Key: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
DELETED Key: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
DELETED Key: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
DELETED Key: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKLM\SYSTEM\CurrentControlSet\Services\HssSrv
DELETED Key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv
DELETED Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DataMngr
DELETED Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Facemoods
DELETED Key: HKCU\Software\HotspotShield
DELETED Key: HKLM\Software\HotspotShield
DELETED Key: HKCU\Software\iMesh
DELETED Key: HKLM\Software\iMesh
DELETED Key: HKLM\Software\iMeshMediabarTB
DELETED Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
========== Repertory ==========
DELETED Folder: c:\program files\hotspot shield
DELETED Folder: c:\program files\imesh applications
DELETED Folder: c:\programdata\hssff
DELETED Folder: c:\programdata\imesh
DELETED Folder: c:\programdata\microsoft\windows\start menu\programs\hotspot shield
DELETED Folder: c:\programdata\microsoft\windows\start menu\programs\imesh
DELETED Folder: c:\users\kooli\appdata\local\imesh
DELETED Folder: c:\users\kooli\appdata\locallow\facemoods.com
DELETED Folder: c:\users\kooli\appdata\locallow\imeshbandmltbpi
DELETED Folder: c:\users\kooli\appdata\locallow\searchqutoolbar
========== File ==========
DELETED File: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
========== Summary ==========
80 : Registry Key
10 : Repertory
1 : File
End of clean in 36mn AMs
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 2/7/2012 9:32:11 PM [7658]
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-2-7-2012-9-32-11 PM.txt
Run by Kooli at 2/7/2012 9:32:11 PM
Windows 7 Business Edition, 32-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Registry Key ==========
DELETED Key: HKLM\Software\Classes\AppID\DiscoveryHelper.DLL
DELETED Key: HKLM\Software\Classes\AppID\GIFAnimator.DLL
DELETED Key: HKLM\Software\Classes\AppID\iMesh.exe
DELETED Key: HKLM\Software\Classes\AppID\IMTrProgress.DLL
DELETED Key: HKLM\Software\Classes\AppID\IMWeb.DLL
DELETED Key: HKLM\Software\Classes\AppID\WMHelper.DLL
DELETED Key: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
DELETED Key: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
DELETED Key: HKLM\Software\Classes\escort.escrtBtn.1
DELETED Key: HKLM\Software\Classes\iMesh.AudioCD
DELETED Key: HKLM\Software\Classes\iMesh.Device
DELETED Key: HKLM\Software\Classes\iMesh.file
DELETED Key: HKLM\Software\Classes\iMeshIEHelper.DNSGuard
DELETED Key: HKLM\Software\Classes\iMeshIEHelper.DNSGuard.1
DELETED Key: HKLM\Software\Classes\imweb.imwebcontrol
DELETED Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
DELETED Key: HKLM\Software\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
DELETED Key: HKLM\Software\Classes\AppID\{1fc41815-fa4c-4f8b-b143-2c045c8ea2fc}
DELETED Key: HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
DELETED Key: HKLM\Software\Classes\TypeLib\{252c2315-cce0-4446-8da7-c00292a690ba}
DELETED Key: HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
DELETED Key: HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
DELETED Key: HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
DELETED Key: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
DELETED Key: HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
DELETED Key: HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
DELETED Key: HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
DELETED Key: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}
DELETED Key: HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
DELETED Key: HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
DELETED Key: HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
DELETED Key: HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}
DELETED Key: HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
DELETED Key: HKLM\Software\Classes\CLSID\{69d3f709-9de2-479f-980f-532d46895703}
DELETED Key: HKLM\Software\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}
DELETED Key: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
DELETED Key: HKLM\Software\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
DELETED Key: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
DELETED Key: HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
DELETED Key: HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
DELETED Key: HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
DELETED Key: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
DELETED Key: HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
DELETED Key: HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
DELETED Key: HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
DELETED Key: HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
DELETED Key: HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
DELETED Key: HKLM\Software\Classes\TypeLib\{ec96f516-51b2-4b46-8451-8665f5a6ba2b}
DELETED Key: HKLM\Software\Classes\TypeLib\{f07fbd3e-2048-44a4-9065-71bf551e2672}
DELETED Key: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
DELETED Key: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
DELETED Key: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
DELETED Key: HKLM\Software\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
DELETED Key: HKLM\SYSTEM\CurrentControlSet\Services\HssSrv
DELETED Key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv
DELETED Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DataMngr
DELETED Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Facemoods
DELETED Key: HKCU\Software\HotspotShield
DELETED Key: HKLM\Software\HotspotShield
DELETED Key: HKCU\Software\iMesh
DELETED Key: HKLM\Software\iMesh
DELETED Key: HKLM\Software\iMeshMediabarTB
DELETED Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
========== Repertory ==========
DELETED Folder: c:\program files\hotspot shield
DELETED Folder: c:\program files\imesh applications
DELETED Folder: c:\programdata\hssff
DELETED Folder: c:\programdata\imesh
DELETED Folder: c:\programdata\microsoft\windows\start menu\programs\hotspot shield
DELETED Folder: c:\programdata\microsoft\windows\start menu\programs\imesh
DELETED Folder: c:\users\kooli\appdata\local\imesh
DELETED Folder: c:\users\kooli\appdata\locallow\facemoods.com
DELETED Folder: c:\users\kooli\appdata\locallow\imeshbandmltbpi
DELETED Folder: c:\users\kooli\appdata\locallow\searchqutoolbar
========== File ==========
DELETED File: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
========== Summary ==========
80 : Registry Key
10 : Repertory
1 : File
End of clean in 36mn AMs
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 2/7/2012 9:32:11 PM [7658]
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 21:45
7 févr. 2012 à 21:45
comment va ton pc?
et remets un rapport zhpdiag
a plus
et remets un rapport zhpdiag
a plus
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
7 févr. 2012 à 22:06
7 févr. 2012 à 22:06
mets toi en mode normal pour voir
et colle uin rapport zhpdiag ensuite
a plus
et colle uin rapport zhpdiag ensuite
a plus
L'Homme de confiance
Messages postés
2
Date d'inscription
mardi 7 février 2012
Statut
Membre
Dernière intervention
8 février 2012
7 févr. 2012 à 22:08
7 févr. 2012 à 22:08
ton malware y fait quoi a ton pc ?
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
8 févr. 2012 à 22:31
8 févr. 2012 à 22:31
ok
encore des soucis?
encore des soucis?
re,
Cava maintenant, je peux naviguer sans avoir de problemes et je peux accéder a mes fichiers,
Pouvez vous me dire comment utiliser ZHPFix et quelle sont les lignes que je dois copier si un jour j'aurai ce genre de probleme,
merci
Cava maintenant, je peux naviguer sans avoir de problemes et je peux accéder a mes fichiers,
Pouvez vous me dire comment utiliser ZHPFix et quelle sont les lignes que je dois copier si un jour j'aurai ce genre de probleme,
merci
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
Modifié par jlpjlp le 8/02/2012 à 22:59
Modifié par jlpjlp le 8/02/2012 à 22:59
pour zhpfix : c'est different pour chaque cas ...
pour supprimer ce qui a été utilisé lance delfix
pour supprimer ce qui a été utilisé lance delfix
